From 43b8490be64703110fa916a84788d4a4e07437d8 Mon Sep 17 00:00:00 2001 From: Daniel Muey Date: Wed, 28 Feb 2018 12:34:32 -0600 Subject: [PATCH] Issue #1671: Only generate SecHashKey when SecHashEngine is On --- CHANGES | 2 ++ apache2/apache2_config.c | 9 +++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index bec10a4818..fae189ccbb 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ DD MMM YYYY - 2.9.3 - To be released ------------------------------------ + * Only generate SecHashKey when SecHashEngine is On + [Issue #1671 - @dmuey, @monkburger] * Fix arabic charset in unicode_mapping file [Issue #1619 - @alaa-ahmed-a] * Optionally preallocates memory when SecStreamInBodyInspection is on diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index ce97950f54..9a7b7b5ccf 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c @@ -732,8 +732,13 @@ void init_directory_config(directory_config *dcfg) if (dcfg->col_timeout == NOT_SET) dcfg->col_timeout = 3600; /* Hash */ - if (dcfg->crypto_key == NOT_SET_P) dcfg->crypto_key = getkey(dcfg->mp); - if (dcfg->crypto_key_len == NOT_SET) dcfg->crypto_key_len = strlen(dcfg->crypto_key); + if (dcfg->hash_is_enabled == HASH_ENABLED) { + if (dcfg->crypto_key == NOT_SET_P) dcfg->crypto_key = getkey(dcfg->mp); + if (dcfg->crypto_key_len == NOT_SET) dcfg->crypto_key_len = strlen(dcfg->crypto_key); + } else { + if (dcfg->crypto_key == NOT_SET_P) dcfg->crypto_key = ""; + if (dcfg->crypto_key_len == NOT_SET) dcfg->crypto_key_len = 0; + } if (dcfg->crypto_key_add == NOT_SET) dcfg->crypto_key_add = HASH_KEYONLY; if (dcfg->crypto_param_name == NOT_SET_P) dcfg->crypto_param_name = "crypt"; if (dcfg->hash_is_enabled == NOT_SET) dcfg->hash_is_enabled = HASH_DISABLED;